48 matches found
EUVD-2009-5021
Malware in sbrugna...
EUVD-2012-2305
Malware in sbrugna...
EUVD-2022-1860
Malicious code in bioql PyPI...
GHSA-WQ8G-HM94-5RQQ JBoss AS may expose root content if excluded-contexts list is mismatched
JBoss AS 7 prior to 7.1.1 and modcluster do not handle default hostname in the same way, which can cause the excluded-contexts list to be mismatched and the root context to be exposed...
JBoss AS may expose root content if excluded-contexts list is mismatched
JBoss AS 7 prior to 7.1.1 and modcluster do not handle default hostname in the same way, which can cause the excluded-contexts list to be mismatched and the root context to be exposed...
CVE-2012-1094
JBoss AS 7 prior to 7.1.1 and modcluster do not handle default hostname in the same way, which can cause the excluded-contexts list to be mismatched and the root context to be exposed...
Design/Logic Flaw
JBoss AS 7 prior to 7.1.1 and modcluster do not handle default hostname in the same way, which can cause the excluded-contexts list to be mismatched and the root context to be exposed...
CVE-2012-1094
JBoss AS 7 prior to 7.1.1 and modcluster do not handle default hostname in the same way, which can cause the excluded-contexts list to be mismatched and the root context to be exposed...
CVE-2012-1094
Summary: CVE-2012-1094 affects Red Hat/JBoss AS 7 before 7.1.1 with mod_cluster. The issue arises from how a default hostname is handled, causing the excluded-contexts list to be mismatched and the root context to be exposed. Affected software: JBoss Application Server 7.x up to 7.1.0 (and mod_cl...
Red Hat JBoss EAP and JBoss Application Server Privilege Vulnerability
Red Hat JBoss Application Server is a U.S. Red Hat Red Hat company based on Java EE open source application server. The product has a startup ultra-fast , lightweight , modular design , hot and parallel deployment , simple management , domain management and the first class components and other...
CVE-2012-2312
An Elevated Privileges issue exists in JBoss AS 7 Community Release due to the improper implementation in the security context propagation, A threat gets reused from the thread pool that still retains the security context from the process last used, which lets a local user obtain elevated...
Input validation
An Elevated Privileges issue exists in JBoss AS 7 Community Release due to the improper implementation in the security context propagation, A threat gets reused from the thread pool that still retains the security context from the process last used, which lets a local user obtain elevated...
CVE-2012-2312
CVE-2012-2312 affects JBoss AS 7 Community Release. The issue arises from improper security context propagation: a thread-pool-reused security context may retain the previous process’s context, enabling a local user to obtain elevated privileges. The connected documents corroborate the elevated-p...
CVE-2012-2312
An Elevated Privileges issue exists in JBoss AS 7 Community Release due to the improper implementation in the security context propagation, A threat gets reused from the thread pool that still retains the security context from the process last used, which lets a local user obtain elevated...
CVE-2012-2148
An issue exists in the property replacements feature in any descriptor in JBoxx AS 7.1.1 ignores java security policies...
CVE-2012-2148
Technical details (affected product/version, root cause, impact, or mitigations) are not publicly available in the provided documents. Monitor for updates to official advisories and vendor notices.
CVE-2012-2148
An issue exists in the property replacements feature in any descriptor in JBoxx AS 7.1.1 ignores java security policies...
CVE-2011-3606
A DOM based cross-site scripting flaw was found in the JBoss Application Server 7 before 7.1.0 Beta 1 administration console. A remote attacker could provide a specially-crafted web page and trick the valid JBoss AS user, with the administrator privilege, to visit it, which would lead into the DO...
CVE-2011-3606
A DOM based cross-site scripting flaw was found in the JBoss Application Server 7 before 7.1.0 Beta 1 administration console. A remote attacker could provide a specially-crafted web page and trick the valid JBoss AS user, with the administrator privilege, to visit it, which would lead into the DO...
Red Hat JBoss Application Server (AS) Console and Web Management Misconfiguration Vulnerability - Active Check
The default configuration of Red Hat JBoss Application Server AS does not restrict access to the console and web management interfaces, which allows remote attackers to bypass authentication and gain administrative access via direct requests. SPDX-FileCopyrightText: 2019 Greenbone AG Some text...